GAMERFUN EXPLORER GF-3XPLORER Local File Include and Cross-Site Scripting Vulnerabilities

GAMERFUN EXPLORER GF-3XPLORER is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability.

An attacker could exploit these issues to execute local script code in the context of the application and access sensitive data. The attacker may also be able to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

These issues affect GF-3XPLORER 2.4; other versions may also be vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus